CN105024824B - The generation and verification method and system of credible label based on rivest, shamir, adelman - Google Patents
The generation and verification method and system of credible label based on rivest, shamir, adelman Download PDFInfo
- Publication number
- CN105024824B CN105024824B CN201510454896.5A CN201510454896A CN105024824B CN 105024824 B CN105024824 B CN 105024824B CN 201510454896 A CN201510454896 A CN 201510454896A CN 105024824 B CN105024824 B CN 105024824B
- Authority
- CN
- China
- Prior art keywords
- credible
- label
- information
- credible label
- verifying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The generation and verification method and system of the invention proposes a kind of credible label based on rivest, shamir, adelman, by the way that credible label raw information, tag identifier, commodity sign, the public key information of rivest, shamir, adelman, digital certificate information, digital signature information and trusted timestamp or trusted identity timestamp information are generated credible label;When needing to use or verify the credible label, ensure that credible label generates the validity and integrality of time and content by verifying trusted timestamp in credible label or trusted identity timestamp information, by verifying the validity of the digital certificate in credible label or the legitimacy of public-key cryptography, to authenticate the identity of credible label owner, and by verifying the digital signature in credible label, so that it is determined that the integrality of the credible label substance, realizes the antiforge function to commodity by the uniqueness of verifying tag identifier and the uniqueness of commodity sign.
Description
Technical field
The present invention relates to cryptography, computer network security and product false proof fields, and specifically, The present invention gives one
The generation and verification method and system of credible label of the kind based on rivest, shamir, adelman.
Background technique
Rivest, shamir, adelman is a kind of time slot scrambling of key.Rivest, shamir, adelman needs two keys: disclosing close
Key (public key) and private cipher key (private key).Public-key cryptography and private cipher key are a pair, if using public-key cryptography
Data are encrypted, could only be decrypted with corresponding private cipher key;If encrypted with private cipher key pair data,
It could only be decrypted with corresponding public-key cryptography.Because encryption and decryption use two different keys, this calculation
Method is called rivest, shamir, adelman.
The cryptographic system (Identity-Based Cryptograph, abbreviation IBC) of identity-based mark is a kind of non-right
The public key cryptography system of title.The concept of id password proposed that main viewpoint was not required in system in 1984 by Shamir
Certificate is wanted, uses mark such as name, IP address, E-mail address, phone number of user etc. as public key.The private key of user
It is calculated by key generation centre (Key Generate Center, abbreviation KGC) according to system master key and user identifier.
The public key of user is uniquely determined by user identifier, so that user does not need third party to guarantee the authenticity of public key.
Conbined public or double key CPK (Combined Public Key) is a kind of to become existing public key system based on mark
Many algorithms are dexterously combined, realize based on mark by establishing the framework of science by the universal method of public key system
Key generate, can support digital signature based on mark and key exchange.The well-known information security in China and cryptographist south
The great professor in Hunan proposed the conception of CPK combined public-key scheme in 1999, and the externally formal announcement in 2003.
PKI (Public Key Infrastructure) is a kind of public key concept and technology i.e. " Public Key Infrastructure "
Implement and the security infrastructure with universality of security service is provided, is that a kind of key management for following written standards is flat
Platform, it can provide the cryptographic services such as encrypted and digitally signed and necessary key and certificate management body for all-network application
System, in simple terms, PKI are exactly the infrastructure for the offer security service established using public key theory and technology.PKI technology is letter
Cease the core of safe practice and the key and basic technology of e-commerce.
PKI technology uses certificate management public key, passes through third-party trusted authorities-CA (Certificate
Authority) authentication center bundles the public key of user and the other identifier information of user, and verifying is used on the internet
The identity at family.Currently, general method is using the digital certificate established on the basis PKI, by the number to be transmitted
Information is encrypted and is signed, and guarantees confidentiality, authenticity, integrality and the non-repudiation of information transmission, to guarantee to believe
The safe transmission of breath.PKI is to provide the infrastructure of security service for Internet communication based on public key algorithm and technology, be create,
Issue, manage, nullifying the aggregate of all softwares, hardware involved by public key certificate.Its core element is digital certificate, core
Heart executor is ca authentication mechanism.
Complete PKI system must have authoritative digital certificate authentication center (CA), digital certificate library, cipher key backup and
Recovery system, certificate cancel the basic composition parts such as system, application interface (API), and building PKI also will be around this five big systems
To set about constructing.The basic technology of PKI includes encryption, digital signature, data integrity mechanism, digital envelope, dual number label
Name etc..One typical case, complete, effective PKI application system should at least have following part:
Public key certificate management.
The publication and management of blacklist.
The backup and recovery of key.
Automatically update key.
Automatic management history key.
Support cross-certification.
Digital signature, also referred to as public key digital signature, refer to one group of specific symbol being attached in a certain electronic document or
Code, it is to carry out key message extraction to the electronic document using mathematical method and cryptographic algorithm and encrypted and formed
, for the approval to electronic document of identity and label originator of identification issuer, and can the person of being received be used to verify the electronics
Whether document is tampered or forges in transmission process.Detailed process is as follows for digital signing operations: sender is to the electricity being signed
Subfile (claiming electronic message in Electronic Signature Law) does digital digest with hash algorithm, then makes to digital digest of signature private key
Asymmetric encryption, that is, do digital signature, is to add the public key of above signature and electronic document original text and signing certificate later
Signature result is formed together and is sent to debit, is verified to debit.After recipient receives data, the public key solution of sender is used first
Close digital signature exports digital digest, and does same hash algorithm to electronic document original text, obtains a new number and plucks
It wants, the cryptographic Hash that two are made a summary carries out result comparison, and as a result if identical, signature is verified, and otherwise signature is invalid.
Digital certificate is called " digital ID card ", " digital ID ", is by authentication center's granting and authenticated center CA number
Signature, a kind of electronic document comprising public-key cryptography owner and public-key cryptography relevant information can be used to prove number
The true identity of certificate holder.Simplest certificate includes the number of a public-key cryptography, title and certificate authority
Signature.It under normal circumstances further include the effective time of key, the title of licence issuing authority (certificate authority), the certificate in certificate
Information, the format of certificate such as sequence number follow ITUT X.509 international standard.
HASH is hashed, also referred to as Hash, i.e., the input of random length (is called and does preliminary mapping, pre-image), passed through
HASH algorithm is transformed into the output of regular length, which is exactly HASH value (also known as digital digest).This conversion is a kind of pressure
The space of contracting mapping, i.e. hash HASH value is generally much less than the space inputted, and different inputs may generate identical output,
But input value can not be uniquely determined from hashed value.
Trusted timestamp is to stab standard " RFC3161 " according to international time by authoritative trusted timestamp service centre to sign and issue
One can prove that electronic message (electronic document) a time point be it is already existing, complete, can verify that have law
The electronic certificate of effect, trusted timestamp are mainly used for the anti-tamper and subsequent denial of electronic document, determine what electronic document generated
Correct time.Trusted timestamp (time-stamp) is the voucher document of formation after one encrypted, it includes three parts:
(1) digital digest (digest) for the file that need to be added timestamp;
(2) trusted timestamp server receives the date and time of file;
(3) digital signature (being generated according to (1) and (2) content) of trusted timestamp server.
It X.500 is defined by international standard committee ISO (Internetional Standards Organization)
Directory standard, include from X.501 to a series of catalogue data services such as X.509.It is logical for X.500 client computer and server
The agreement of letter is DAP (Directory Access Protocol).X.500 there is important role to PKI, it defines PKI
The scheme of data storage and access in system has been come at the LIST SERVER access entrance of PKI system using standardized method
It is accessed at the storage of the data structures such as certificate and certificate revocation list.
LDAP (Lightweight Directory Access Protocol) is generated in X.500 standard base
One simple version is a subset of X.500 directory access protocol DAP in standard, simplifies and completely X.500 realize function
Can, and extend the support to ICP/IP protocol system.
Two dimensional code, also known as two-dimensional bar code are with certain specific geometric figure according to certain rules at plane (two-dimensional directional)
The chequered with black and white graphic recording data symbol information of distribution, it is dexterously patrolled using composition computer-internal in code compilation
" 0 " on basis, the concept of " 1 " bit stream are collected, indicates text numerical value using several geometrical bodies corresponding with binary system
Information, by image input device or photoelectric scanning device automatically identifying and reading to realize automatic processing of information.It has barcode technology
Some general character: every kind of code system has its specific character set;Each character occupies certain width;With certain verifying function
Deng.Also have the characteristics that simultaneously rotationally-varying to the information automatic identification function and processing figure do not gone together.Common code system
Have: Data Matrix, MaxiCode, Aztec, QR Code, Vericode, PDF417, Ultracode, Code 49, Code
16K etc..
Error Correction of Coding: as needed by code word data sequence piecemeal, and according to the code word of error-correction level and piecemeal, error correction is generated
Code word, and error correction code word is added to behind code word data sequence, become a new sequence.
In the case where two dimensional code specification and error-correction level determine, it can be accommodated in fact code word sum and error correction code word
It is several also to determine that, such as: version 10 when error-correction level is H, can accommodate 346 code words in total, wherein 224 error correction code words.
That is about 1/3 code word is redundancy in two-dimension code area.For this 224 error correction code words, it can correct 112 and replace
Generation mistake (such as black and white is reverse) either refuses read error (can not read or can not decode), such error correction capability are as follows: 112/ for 224
346=32.4%
RFID (Radio Frequency Identification), i.e. radio frequency identification, also known as electronic tag are a kind of non-
The automatic identification technology of contact.It identifies specific target by radio signals, and reads and writes relevant data, without
Identifying system and this target have mechanical either optical contact.Each RFID tag has unique electronic code.
NFC (Near Field Communication), i.e. wireless near field communication, are initiated by PHILIPS Co., by
A featured wireless technology of the well-known manufacturers such as Nokia, Sony joint.NFC is by non-contact radio-frequency identification (RFID) and interconnection
Interworking technology integration is evolved, and combines induction type card reader, icah wavw and point-to-point function, energy on a single chip
It is identified and exchanged data in short distance with compatible equipment.This technology is initially the letter of RFID technique and network technology
It is single to merge, a kind of short-distance wireless communication technology is had evolved into now, and developing state is quite rapid.
Credible label described in this patent refers to limited storage space, and carries anti-tamper and anti-repudiation information figure
Label, digital label or chip tag, the information carried in this label are carried out by asymmetric encryption techniques method
Signature authentication or encryption, the form of expression can be two dimensional code, RFID tag, NFC label, electronic tag, chip tag,
Sensor tag etc..
With the development of computer security technique, rivest, shamir, adelman has at home and abroad been widely used.But
This mature technology never has the safety issue for being used to properly settle the labels such as two dimensional code or NFC, one of root
The problem of person's character is the nothing since the intrinsic information storage space of the labels such as two dimensional code, RFID tag or NFC label is extremely limited
Method include again while carrying more raw information for guaranteeing safe complete digital certificate, digital signature, timestamp,
Or other asymmetric encryption information, therefore it not can solve the distribution problem of the verification information, it just can not be using described non-
Symmetric cryptosystem.In this patent, we have proposed the methods for properly settling the distribution problem.
Traditional anti-counterfeiting technology include Laser Holographic Counterfeit-proof Technique, chemical ink anti-counterfeiting technology, latent image anti-counterfeiting technology,
Miniature anti-counterfeiting technology etc..These existing technologies do not have uniqueness and exclusivity, are easily replicated to cannot achieve real meaning
It is anti-fake in justice.Also occur at present it is some by realizing anti-fake technological means to two dimensional code or RF tag encryption, still
The encryption of anti-counterfeiting information in the prior art is to be realized by publisher's proprietary technology, therefore different publishers needs with not
With equipment or software verify, cause to verify equipment or software can not generalization, and safety also cannot be guaranteed, thus
It is extremely limited the promotion and application of these anti-counterfeiting technologies.
Summary of the invention
The purpose of the present invention is to provide a kind of generations of credible label and verification method and system, it is intended to solve existing skill
The problems such as art safety is poor, realizes complexity, at high cost, poor universality.
It proposes directly digital certificate can be embedded in the distribution problem for realizing certificate in credible label in the present invention, therefore
The digital certificate for the credible label owner of acquisition that authentication module can be convenient, to realize label substance using digital signature
Anti-tamper purpose.In addition, according to the different purposes of digital certificate, CA can specify different validity periods when signing and issuing digital certificate.
After digital certificate is expired, CA will no longer guarantee the authenticity of its content information, thus expired digital certificate be it is invalid, no
It is believable.For some reason, as private key for user leaks or the identity of user changes, initiative abolishes former certificate, from
And CA is caused to announce digital certificate failure.These factors constrain the validity period of credible label.This patent draws in credible label
Enter Digital Time-stamp, for proving the Production Time of credible label, to efficiently solve this defect.Because of digital signature
It is anti-tamper to achieve the purpose that can to guarantee the integrality of information with timestamp, therefore in specific implementation, label
The anti-tamper of the contents such as the network address of raw information, tag identifier and commodity sign, authentication server can be by digital signature
It realizes, can also be realized respectively by one of both simultaneously with timestamp.
Credible label owner needs to pay every year the annual fee of great number for the digital certificate of oneself, therefore credible in order to reduce
The cost of label owner proposes the scheme for exempting from digital certificate in the present invention, or generated using label owner oneself
Unsymmetrical key.The public-key cryptography and private cipher key of credible label owner can be generated by three kinds of approach: 1) by IBC's
Key generation centre (KGC) generates public-key cryptography and private cipher key, can be the identity such as company of credible label owner
The information such as title, IP address, E-mail address, phone number are as public-key cryptography;2) it is generated by the key generation centre of CPK
Public-key cryptography and private cipher key, can be the identity of credible label owner such as Business Name, IP address, E-mail address
The information such as location, phone number are as the user identifier for generating key;3) public-key cryptography is generated by unsymmetrical key Core Generator
And private cipher key, and public-key cryptography and identity information are stored in the public-key cryptography library in local or cloud, it is open by retrieval
The validity of public-key cryptography is verified in cipher key store with the presence or absence of the disclosure key.Credible label substance is tampered in order to prevent,
Private cipher key, relevant parameter and the signature algorithm that credible label owner is generated using above-mentioned three kinds of methods are to credible label
Content sign.Because of the signature obtained by private cipher key, can only be just able to verify that by corresponding public-key cryptography, thus
Ensure the authenticity and non repudiation of owner's identity of credible label.
In order to simplify the generation and verifying of credible label, and the credible label owner generation of convenient not digital certificate
Credible label, this patent propose trusted identity timestamp on the basis of trusted timestamp.Not with traditional trusted timestamp
Same to be characterized in that, trusted identity timestamp increases identity information, i.e., is made of four parts:
(1) digital digest (digest) for the file that need to be added timestamp;
(2) identity information by certification of the owner for the file that need to be added timestamp;
(3) trusted timestamp server receives the date and time of file;
(4) digital signature of trusted timestamp server (according to (1), (2) and (3) content are generated).
Compared with trusted timestamp, trusted identity timestamp cannot be only used for the anti-tamper and subsequent denial of electronic document, really
Determine the correct time of electronic document generation, and the trusted identity of electronic document owner can be verified.Therefore, when trusted identity
Between stamp be applicable not only to credible label, be also applied for the electronic document of other forms, such as electronic contract, electronic insurance policy, electronics hair
Ticket etc..
In order to save the expense of credible label and solve the limited defect in credible label intrinsic information space, mark can be used
Sign information element (such as label raw information, digital certificate, digital signature, tag identifier, commodity sign, public key information, time
Stamp, network address of authentication server etc.) network storage address or query information for inquiring database replace marking
Database is downloaded or inquired to the complete content for signing information element by network when verifying label to obtain label information element
Complete content, or directly verify beyond the clouds.
Because digital signature and timestamp can guarantee that the integrality of information is anti-tamper to achieve the purpose that,
In specific implementation, label information element (such as label raw information, digital certificate, digital signature, tag identifier, commodity mark
Knowledge, public key information, timestamp, network address of authentication server etc.) the anti-tamper of content can be by digital signature and timestamp
It realizes, can also be realized respectively by one of both simultaneously.
As shown in figure 5, when high-resolution patterned credible label in the first printing, republish and copying and printing
When, since printed resolution is lower than output resolution ratio required by credible label graphic, information loss can be generated.Therefore,
The credible label of graphic form is replicated in order to prevent, can be by adjusting the resolution ratio and printing of credible label generated
Size, make to republish the picture of credible label obtained after replicating or the digital information for being included it is different, thus by comparing
The picture for the label verified or the digital information for being included whether the information with the credible label of the first printing saved
Unanimously achieve the purpose that credible label anti-copying;It can also be by adjusting the resolution ratio and printing ruler of credible label generated
Very little, although the label for obtaining the first printing produces the loss of information or the mistake of information, but still can be with by error correction
Correctly distinguished, however the label by replicating the first printing loses more information or introduces more mistakes,
So that being more than the error correcting capability of credible label so that it cannot correct distinguish, to reach the mesh of credible label anti-copying
's;It, can be in credible label in order to avoid duplicator evades by amplifying the method for credible label graphic the loss of printing information
In the credible label comprising the first printing dimension information, and the size is digitally signed to prevent from being tampered,
When verifying credible label, dimension information included in the printed dimensions and label by comparing current credible label is realized
The purpose of credible label anti-copying.
Specifically, the present invention discloses generation and the verification method of a kind of credible label based on rivest, shamir, adelman,
The following steps are included:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Credible label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, the original letter of credible label is determined
The authenticity and non repudiation of the integrality and non-repudiation of breath and credible label owner identity;
The credible tag encryption protocol module includes digital certificate information and digital signature information;It is verified in step 4
It can beacon
When signing cryptographic protocol module, the validity by verifying the digital certificate information in credible label verifies credible label
Owner
Identity, the integrality of credible label raw information is determined by verifying the digital signature information in credible label.
A kind of generation of the credible label based on rivest, shamir, adelman and verification method, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Credible label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, the original letter of credible label is determined
The authenticity and non repudiation of the integrality and non-repudiation of breath and credible label owner identity;
The credible tag encryption protocol module include digital certificate information, digital signature information, trusted timestamp or
Person is credible
Identity timestamp information;When step 4 verifies credible tag encryption protocol module, by verifying in credible label
Number
The validity of certificate information authenticates the identity of credible label owner, by verifying the digital signature in credible label
Information is true
The integrality of the raw information of fixed credible label, by verifying trusted timestamp or credible body in credible label
Part time
Stamp information ensures that credible label generates the integrality of time and content.
A kind of generation of the credible label based on rivest, shamir, adelman and verification method, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Credible label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, the original letter of credible label is determined
The authenticity and non repudiation of the integrality and non-repudiation of breath and credible label owner identity;
The credible tag encryption protocol module includes trusted identity timestamp information;Verifying credible tag encryption association
Discuss module
When, pass through the trusted identity timestamp information in the credible label of verifying, it is ensured that credible label generates time and interior
That holds is complete
Whole property, and the identity of the credible label owner of certification.
A kind of generation of the credible label based on rivest, shamir, adelman and verification method, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Credible label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, the original letter of credible label is determined
The authenticity and non repudiation of the integrality and non-repudiation of breath and credible label owner identity;
The cryptographic protocol module includes public key information and digital signature information;
When verifying credible tag encryption protocol module, label owner's identity is verified by verifying public key information
It is true
Property and non repudiation, determine credible label raw information by verifying the digital signature information in credible label
Integrality
And non repudiation.
A kind of generation of the credible label based on rivest, shamir, adelman and verification method, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Credible label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, the original letter of credible label is determined
The authenticity and non repudiation of the integrality and non-repudiation of breath and credible label owner identity;
The credible tag encryption protocol module include public key information, digital signature information, trusted timestamp or
Person is credible
Identity timestamp information;
When verifying credible tag encryption protocol module, label owner's identity is verified by verifying public key information
It is true
Property and non repudiation, determine credible label raw information by verifying the digital signature information in credible label
Integrality
And non repudiation, ensured by verifying trusted timestamp in credible label or trusted identity timestamp information
It can beacon
Label generate the integrality of time and content.
Public key information in the credible label authenticates the identity of credible label owner according to the following method:
A. if public-key cryptography and private cipher key are the key generation centres by identity-based id password system (IBC)
It generates, then the public key information includes the parameter information of public-key cryptography and verifying signature, or including storing public-key cryptography
The network address information of information, or include the query information for inquiring the database comprising public key information;If can
Digital signature authentication in beacon label passes through, then proves that public-key cryptography is legal, has also turned out the identity of credible label owner
It is credible;
B. if public-key cryptography and private cipher key are raw by the key generation centre of Conbined public or double key management system (CPK)
At, then the public key information includes public key matrix and mapping algorithm, or the network including storing public key information
Location information, or include the query information for inquiring the database comprising public key information;If the number in credible label
Word signature verification passes through, then the entity identifier for including in attestation-signatures is legal, has also turned out the identity of credible label owner
It is credible;
C. it if public-key cryptography is the common key not comprising identification information, and is not included in digital certificate, then
The public key information includes public-key cryptography, perhaps including store public key information network address information or including
For inquire include public-key cryptography database query information, when verify public-key cryptography legitimacy need inquire local or
Public-key cryptography library in cloud server,
If there are the digital signature authentications in the public-key cryptography and credible label to pass through in public-key cryptography library,
Think that the identity of credible label owner is credible, it is otherwise insincere;
If the corresponding private cipher key of public-key cryptography has been leaked or failed, in the public-key cryptography library in local or cloud
Delete corresponding public key information;Signature or Encryption Algorithm may be embodied in public key information, also can store
Local or cloud;
D. if public-key cryptography is included in the digital certificate of oneself signature, the identity for authenticating credible label owner uses institute
The method for stating C;If public-key cryptography is included in the digital certificate that authentication center CA is signed and issued, the public key information packet
Digital certificate information is included, network address information perhaps including digital certificate information or including for inquiring comprising number
The query information of the database of word certificate information, if digital certificate authentication passes through, and the digital signature in credible label is tested
Card passes through, then the identity of credible label owner is credible, otherwise insincere.
The trusted identity timestamp is by trusted identity time stamp server to the precise date from authoritative time source
And the time, according to credible label raw information generate digital digest, the identity information of the credible label owner by audit,
It is digitally signed and generates.
If credible label is a kind of graphical label, because of output resolution ratio=image resolution ratio ÷ output image size,
So making desired output resolution ratio by adjusting the resolution ratio of credible label generated and the printed dimensions of credible label
Higher than the output resolution ratio of practical printing equipment, make to republish or the picture of credible label obtained after replicating or the number for being included
Word information is different, thus by comparing the label verified picture or included digital information whether with saved first
The information of the credible label of secondary printing unanimously achievees the purpose that credible label anti-copying;
If credible label has an error correcting capability, the graphics resolution of adjustable credible label and credible label
Printed dimensions make desired output resolution ratio be higher than the output resolution ratio of practical printing equipment, therefore printing will all introduce every time
New misprint makes the mistake generated when the first printing be not above level of error correction set by credible label, therefore still
It can be distinguished by successful correction and correctly;However it is printed again by the credible label graphic of the duplication first printing
When because introduce more misprints to be more than credible label set by level of error correction, the duplication can beacon
Label will be unable to correctly distinguish, to realize the anti-copying of credible label;
It can in the label include label sizes information if credible label is a kind of graphical label of anti-copying, when
When verifying credible label, graphical label is determined by size nominal in the full-size(d) and label of comparison current Graphics label
Whether it is replicated and modifies.
Include credible tag identifier in the raw information of the credible label, is one for identifying a credible label
Unique coding;
Include commodity sign in the raw information of the credible label, is one for identifying unique volume an of commodity
Code;
If a credible label can be replicated, need first in each credible label comprising credible tag identifier
When secondary verifying, the record verifying event information in authentication module or background server, to evade the same credible label quilt
It reuses, in addition to realize to the multiple fake certifications of a commodity, needs on the part commodity that have should using multiple
The credible label of the Unique Product mark of commodity, wherein the commodity sign of each credible label part commodity having the same and each
From unique tag identifier, in addition, each credible label before verifying for the first time because these credible labels can be replicated
It is secrecy (as increased coating);
If a credible label is that irreproducible (such as chip tag has unique irreproducible ID, can be with
Using the information as a part of tag identifier or tag identifier, to guarantee the uniqueness of the credible label and not reproducible
Property), so comprising certain part commodity sign label can be used for the anti-fake of the part commodity, and it is not required to before verifying for the first time
Any secrecy processing is done to the credible label;
If the tag identifier of a credible label is that irreproducible and label other contents can be written,
This label can be recorded and be recycled in background program after commodity are used, and then re-write new commodity sign and be used for
Another commodity it is anti-fake, to reduce anti-counterfeiting cost;
It is undesirable that credible label is reused, then credible label and commodity can be made to bind, when commodity are used
It removes and is destroyed on Shi Kexin tags from merchandise.
The effective storage life that may include the label in the raw information of the credible label is verifying credible label
When, while current time is verified whether in the effective storage life of the label, if current time is not in the effective of the label
Using in the time, then the credible label is insincere.
If including digital certificate information in credible label, when being verified, number card is shown in display module
Letter breath, so that verifier be facilitated to understand the identity information of credible label owner and the issuer information of digital certificate;
If in credible label including timestamp information, when being verified, Presentation Time Stamp is believed in display module
Breath, so that verifier be facilitated to understand generation time of credible label;
If in credible label including trusted identity timestamp, show that trusted identity timestamp is believed when being verified
Breath, so that verifier be facilitated to understand the generation time of credible label and the identity information of credible label owner;
If time t2 and the location information P2 and time t1 of last time good authentication that successful acquisition is verified to this and
Location information P1 then calculates the displacement R=(P2-P1) and time difference T=(t2-t1) verified twice, and obtains speed V=R/T,
If the value of speed V is more than the early warning speed (such as 100 kilometers per hour) of setting, alarm is generated in display module or cloud
Information, during this verifying and last time verifying, verified label is being more than the speed operation of V for expression, is marked according to verifying
The actual conditions of label and the size of speed V, can detect to a certain extent whether verified label is replicated.
A. the credible label includes at least one of:
A. complete digital certificate content;
B. the partial content of digital certificate;
C. the network storage address of digital certificate;
D. digital certificate library information;
E. digital certificate LIST SERVER information;
F. complete digital certificate chains;
G. the network storage address of digital certificate chains;
H. for inquiring the query information of the database comprising digital certificate or digital certificate chains;
I. complete digital signature;
J. the network storage address of digital signature;
K. for inquiring the query information of the database comprising digital signature;
L. complete public key information;
M. the network storage address of public key information;
N. for inquiring the query information of the database comprising public key information;
O. the tag identifier of credible label;
P. the commodity sign of credible label;
Q. the validity period of credible label;
R. complete credible label raw information;
S. the HASH value of credible label raw information;
T. the network storage address of credible label raw information;
U. for inquiring the query information of the database comprising raw information;
V. the identity information of credible label owner;
W. the network address of credible label Verification server;
B. if the credible label includes the network storage address of digital certificate or digital certificate chains, verifying can beacon
Pass through network downloading digital certificate when signing cryptographic protocol module;
C. if the credible label includes the information of digital certificate library or LIST SERVER, credible label is verified
Pass through network downloading or enquiring digital certificate when cryptographic protocol module;
D. if the credible label includes the network storage address of public key information, credible tag encryption association is verified
Public key information is downloaded by network when discussing module;
E. if the credible label includes the network storage address of digital signature, credible tag encryption agreement is verified
Digital signature is downloaded by network when module;
F. it if the credible label includes the network storage address of trusted timestamp or trusted identity timestamp, tests
Trusted timestamp or trusted identity timestamp are downloaded by network when demonstrate,proving credible tag encryption protocol module;
G. it if including the identity information of credible label owner in the credible label raw information, verifies credible
It can be by comparing identity information, the identity information in digital certificate, trusted identity in credible label raw information when label
Whether the identity information in timestamp is credible come the identity for further verifying credible label owner;
H. the downloading and verifying of the credible label information may operate in the local of authentication module, also may operate in
Cloud;
I. the raw information can be in plain text, can also be by encryption;
J. the raw information can be the HASH value or original contents of label original contents perhaps original contents
Network storage address, or for inquire include original contents database query information;
K. if there is the credible label full stop to indicate that raw information terminates, credible tag encryption can be assisted
View module is placed on behind the full stop;
L. the credible label is the form of printing or electronics;
M. the credible label is two dimensional code perhaps customized pattern perhaps RFID tag or NFC label, or
Person's electronic tag, chip tag or sensor tag.
A kind of anti-counterfeiting system of credible label, including unsymmetrical key or digital certificate generate center, credible tag encryption
Protocol module storage server, credible label generate and verifying equipment and credible label Verification server, it is characterised in that:
Unsymmetrical key or digital certificate generate center, are used to generate digital certificate or asymmetric to credible label owner
Key;Credible tag encryption protocol module storage server, for storing the credible tag encryption agreement of credible label owner
Module information, including public key information or digital certificate information or digital signature information or trusted timestamp or credible body
Part timestamp information;
Credible label Verification server, for recording the verifying event of credible label and the details of anti-counterfeit commodities,
It can be used for executing the authentication module of credible label, realize cloud verifying;
The generation of credible label with verifying equipment include:
Trusted timestamp generation module generates digital digest according to credible label substance, and takes to the trusted timestamp
Business device application trusted timestamp, and the trusted timestamp is inputted into credible tag generation module;
Trusted identity timestamp generation module generates digital digest according to credible label raw information, and to described credible
Identity time stamp server application trusted identity timestamp, and the trusted identity timestamp is inputted into credible label and generates mould
Block;
The tag identifier generation module of credible label generates unique tag identifier for each label;
The commodity sign generation module of credible label is that every commodity generate unique commodity sign;
Unsymmetrical key generation module generates oneself private cipher key and public-key cryptography for label owner;
Credible tag generation module, according to credible label raw information or tag identifier or commodity sign or
Label validity period or public key information or digital certificate information or digital signature information or trusted timestamp,
Or trusted identity timestamp information, generate credible label;
Credible tag readable degree module extracts the digital certificate information being verified in credible label, and is output to number
Certification authentication module;The digital signature being verified in credible label is extracted, and is output to digital signature authentication module;It extracts
The trusted timestamp being verified in credible label, and it is output to trusted timestamp authentication module;Extraction is verified can beacon
Trusted identity timestamp in label, and it is output to trusted identity timestamp verification module;Extraction is verified in credible label
Tag identifier, and be output to tag identifier authentication module;Extract the commodity sign that is verified in credible label, and by its
It is output to commodity sign authentication module;
Digital certificate authentication module, verifying digital certificate information confirm the authenticity of credible label owner identity;
Digital signature authentication module, verifying digital signature confirm the integrality of credible label substance;
Trusted timestamp authentication module, verifying trusted timestamp confirm credible label substance integrality and credible label
The generation time;
Trusted identity timestamp verification module verifies the trusted identity timestamp and confirms the complete of credible label substance
Property, the authenticity of the generation time of credible label and credible label owner identity;
The tag identifier authentication module of credible label, inquiring the tag identifier in local or credible label Verification server is
It is no to have there is verifying to record, if it is verifying for the first time, then the information of this verifying event is recorded on local or authentication server,
Otherwise already existing verifying event information is returned;
The commodity sign authentication module of credible label records the commodity sign on local or credible label Verification server
This verifying event information, and return to already existing verifying event information;
Credible label Verification result display module shows that the digital certificate information after being verified or credible label are raw
At the time, or corresponding verifying event information and merchandise news.
Credible tag encryption protocol module storage server is X.500 LIST SERVER or ldap directory server, or
Person's Web server perhaps ftp server perhaps dns server or cloud storage service device;
Credible label Verification server is that have to record credible label Verification event, commodity purchasing event, commodity and believe in detail
The data server of breath;
Credible label Verification server can execute credible label Verification module (including digital certificate authentication module or
Digital signature authentication module or trusted timestamp authentication module or trusted identity timestamp verification module or label mark
Know authentication module or commodity sign authentication module etc.), to realize the cloud verifying of credible label.
Compared with the prior art, the invention has the following advantages and beneficial effects:
(1) the credible label that generates of the present invention can easily distribute the digital certificate of credible label owner, and can be with
Realize off-line verification;
(2) present invention effectively extends the service life of credible label using timestamp, even if credible label owner
Digital certificate is no longer valid, but the credible label made before Certificate Revocation still can continue to use;
(3) present invention is embedded in trusted identity timestamp information in credible label, not only ensure that the complete of credible label
Property and non repudiation, and also ensure the genuine and believable of credible label owner identity.Therefore, credible label owner is not
Application digital certificate must be removed to generate credible label, to reduce cost.And it can also support off-line verification can beacon
Label;
(4) present invention replaces digital certificate using the key based on mark, to eliminate application and maintenance digital certificate
Expense;
(5) present invention increases unique credible tag identifier in credible label, to avoid the same credible label
It is reused;
(6) present invention increases unique commodity sign in credible label, and ensures on same part commodity using identical
Commodity sign, to realize to the multiple fake certifications of same part commodity;
(7) present invention is by recycling irreproducible credible label, so as to reduce anti-counterfeiting cost;
(8) present invention increases the validity period of credible label in credible label, so that credible label be made to be provided with timeliness
Property;
(9) present invention can show digital certificate information in credible label Verification result display module, and credible label is raw
At temporal information and the identity information of credible label owner, the verification time for the first time of commodity, production and logistics of commodity etc.
Detailed information of tracing to the source;
(10) present invention is by utilizing label information element (such as label raw information, digital certificate, digital signature, label
Mark, commodity sign, public key information etc.) network storage address or query information for inquiring database replace label
The complete content of information element realizes the purpose for saving credible label expense, to make technical solution of the present invention ideally
Solves the lesser defect in certain label intrinsic informations space;
(11) present invention is by adjusting the resolution ratio of patterned credible label generated and the size of output pattern,
Make to republish or the picture of credible label obtained after replicating or the digital information for being included obtained with the first printing it is credible
Label is different, or the credible label for alloing the credible label of the first printing correctly to distinguish and replicate again can not be distinguished, from
And achieve the purpose that patterned credible label anti-copying;And the dimension information of graphical label is contained in credible label,
To prevent the figure of credible label to be amplified duplication.
More specifically, the present invention is to realize the goal of the invention of the digital certificate for simply distributing credible label owner,
It is directly that the digital certificate of label owner is embedding when generating credible label in the generation of use and verification method and system
Enter credible label, not only solve the problems, such as credential distribution, and the off-line verification of credible label may be implemented.In order to which make can beacon
Label may include more raw informations, can the digital certificate content of embedded part or the network storage of digital certificate
Address, or for the query information of enquiring digital certificate database, to realize the distribution of digital certificate.
The present invention is in order to solve the Problem of Failure of digital certificate, in the generation of use and verification method and system, in life
Trusted timestamp is introduced when at credible label, while guaranteeing anti-tamper credible label and subsequent denial, also determining can
Believe the correct time of forming label.It therefore, can be according to the system of credible label when digital certificate is expired or failure
It is whether still credible that credible label is verified as the time.Although credible label is in number for example, digital certificate is expired
It is generated in the validity period of word certificate, then credible label is still credible.
In order to reduce the cost of credible label owner and simplify the purpose of credible label anti-counterfeit, the generation of use with test
It demonstrate,proves in method and system, proposes a kind of novel trusted timestamp with identity information.It is credible compared with trusted timestamp
Identity timestamp is signed and issued after applicant's identity is verified at authoritative time-stamping service center.Therefore, trusted identity timestamp
Be one can prove that electronic document be applicant by verification a time point with regard to it is already existing, complete, can verify that
, electronic certificate with legal effect.After credible label owner application is to trusted identity timestamp, do not having number
In the case where certificate, it still is able to generate believable credible label.
The present invention in order to reduce or remit the cost of credible label owner application and maintenance digital certificate, the generation of use with test
It demonstrate,proves in method and system, when generating credible label, replaces digital certificate information with the public key information of label owner,
Be exactly directly public key information perhaps the network storage address of public key information or for inquire comprising disclose it is close
The query information of the database of key information is embedded into credible label.Pass through the identity mark in verifying public-key cryptography or signature
Know, or retrieval public-key cryptography whether there is the validity that public-key cryptography is verified in the public-key cryptography library in local or cloud,
And the identity information of the credible label owner of verifying.
The present invention in order to avoid credible label reuse, in the generation and verification method and system of use, every
A unique tag identifier is increased in one credible label, and on authentication server to for the first time verifying event into
Row records, including verifying Time To Event, the IP address of verifier, geographical location information locating for verifier etc..
The present invention is in order to realize the multiple fake certification to same part commodity, in the generation and verification method and system of use
In, identical commodity sign is arranged in multiple credible labels to use on same part commodity, and the commodity sign is part quotient
Product are exclusive.
The present invention is in order to reduce the use cost of credible label, in the generation of use and verification method and system, if
The tag identifier of credible label be it is irreproducible (such as RFID have not revisable unique electronic code, this coding can quilt
A part of mark or credible tag identifier as credible label), then after merchandise sales, it can recycle and modify verifying
After the database of server, the credible label is reused, is recycled to realize.
The present invention in order to meet certain credible labels of application scenarios requirement with certain timeliness, use generation with
In verification method and system, validity period information is increased in credible label, to guarantee that credible label can only be in the validity period
Inside it is verified.
Verifier uses credible label to the present invention for convenience, in the generation of use and verification method and system,
The identity information of the owner of credible label, digital certificate information, the credible label generation time, the verification time for the first time of commodity,
The details such as the production and logistics of commodity are shown in authentication module, so that it is guaranteed that understand in detail can beacon by credible label Verification person
The relevant information of label and commodity.
The present invention by using label information element (such as label raw information, digital certificate, digital signature, tag identifier,
Commodity sign, public key information etc.) network storage address or query information for inquiring database replace label information
The complete content of element realizes the purpose for saving credible label expense, so that technical solution of the present invention be made ideally to solve
Certain credible label intrinsic information spaces lesser defects.
The credible label of present invention graphic form in order to prevent is replicated, can be by adjusting credible label generated
Resolution ratio and printed dimensions, make to republish or the picture of credible label obtained after replicating or the digital information for being included not
Together, thus by comparing the picture of label verified or the digital information for being included whether with the first printing that has saved
The information of credible label unanimously achievees the purpose that credible label anti-copying;It can also be by adjusting point of credible label generated
Although resolution and printed dimensions, the label for obtaining the first printing produce the loss of information or the mistake of information, but logical
Crossing error correction still can correctly distinguish, however the label by replicating the first printing loses more information or introducing
More mistakes, so that being more than the error correcting capability of credible label so that it cannot correct distinguish, to reach credible label
The purpose of anti-copying;It, can be in order to avoid duplicator evades by amplifying the method for credible label graphic the loss of printing information
In credible label comprising the first printing credible label dimension information, and to the size be digitally signed to prevent
It is only tampered, when verifying credible label, believes by comparing the size for including in the printed dimensions and label of current credible label
Breath, realizes the purpose of credible label anti-copying.
Detailed description of the invention
Fig. 1 is generation and verification method of the present invention using the credible two-dimension code anti-tamper applied to information based on PKI
And the building-block of logic of system
Fig. 2 is that the present invention uses the generation for being applied to the anti-tamper credible two-dimension code of information of trusted identity timestamp and tests
Demonstrate,prove the building-block of logic of method and system
Fig. 3 is the present invention using generation and the verification method of the credible label applied to commodity counterfeit prevention based on PKI and is
The building-block of logic of system
Fig. 4 is generation and authentication of the present invention using the credible label applied to commodity counterfeit prevention of trusted identity timestamp
The building-block of logic of method and system
Fig. 5 is the present invention using generation and the verification method of the credible label applied to commodity counterfeit prevention of public-key cryptography and is
The building-block of logic of system
Fig. 6 is generation and verification method of the present invention using the credible label applied to commodity counterfeit prevention based on IBC or CPK
And the building-block of logic of system
Fig. 7 is the schematic diagram that the present invention realizes anti-copying by adjusting the output resolution ratio of the credible label of figure
Specific embodiment
The raw information that user can be allowed to confirm that credible label is included by using technical solution of the present invention it is complete
Property and non-repudiation.In order to understand technical solution of the present invention more easily, combined by taking credible two-dimension code as an example below specific
Diagram is further elaborated.
According to Fig. 1, specific embodiments of the present invention (one) are as described below:
Step 1: authentication center CA is that two dimensional code service provider generates digital certificate;
Step 2: two dimensional code service provider generates digital signature, time stamp server two by Digital Signature module
It ties up code and generates timestamp;
Step 3: two-dimensional code generation module is signed according to two dimensional code raw information, digital certificate information, timestamp and number
Name and generation parameter appropriate generate two dimensional code;
Step 4: when using or verifying two dimensional code, two dimensional code is correctly distinguished by two dimension code reading module, is mentioned
Information therein is taken, and is output to timestamp verification module, digital certificate authentication module and digital signature authentication module;
Step 5: timestamp verification module acquisition time from reading information is stabbed information and is verified to it, if verifying is logical
It crosses, then shows that QR code content is complete, otherwise two dimensional code is insincere;
Step 6: digital certificate authentication module obtains digital certificate information from reading information, and it is verified with
Confirm the identity of two dimensional code service provider;
A. if digital certificate is legal and still in validity period, then it is assumed that the identity of two dimensional code service provider is credible;
B. if digital certificate is although legal but be revoked, but when the generation time of timestamp is earlier than digital certificate revocation
Between, and the revocation of certificate the reason is that because of certificate expired, then the identity of two dimensional code service provider is credible, and prompts digital certificate
Revocation the reason is that certificate expired;
C. if digital certificate is although legal but be revoked, but when the generation time of timestamp is earlier than digital certificate revocation
Between, and certificate revocation the reason is that because certificate and private key divulge a secret, then two dimensional code service provider identity still have it is lower can
Reliability needs clearly to prompt the revocation of digital certificate the reason is that certificate and private key is divulged a secret to user.
Step 7: digital signature authentication module obtains digital signature from reading information and verifies to it, if tested
Card passes through, then the two dimensional code is not tampered with or forges, and the content in two dimensional code is credible, otherwise insincere.
Whether come from very by using the commodity that technical solution of the present invention can allow user's confirmation to put up credible label
Real commodity production manufacturer.In order to understand technical solution of the present invention more easily, make further below with reference to being specifically illustrating
Elaboration.
According to Fig. 3, specific embodiments of the present invention (two) are as described below:
Step 1: authentication center CA is that commodity production manufacturer generates digital certificate;Tag identifier generation module generates label
Mark;Commodity sign generation module generates commodity sign;
Step 2: digital certificate that commodity production manufacturer obtains the step 1, raw information (including commerical batches,
Commodity production time, production site, Corporation web site etc.), tag identifier and commodity sign input digital signature generation module with life
At digital signature;Digital digest is generated according to raw information, tag identifier and commodity sign and to when time stamp server application
Between stab;
Step 3: credible tag generation module is demonstrate,proved according to raw information, tag identifier, commodity sign, digital signature, number
Book and timestamp and generation parameter appropriate, generate credible label;
Step 4: when using or verifying credible label, credible label is carried out by credible tag readable degree module correct
Recognition, extracts information therein, and be output to tag identifier authentication module, commodity sign authentication module, digital certificate and test
Demonstrate,prove module, digital signature authentication module and timestamp verification module;
Step 5: timestamp verification module acquisition time from reading information is stabbed information and is verified to it, if verifying is logical
It crosses, then shows that credible label is complete, otherwise credible label is insincere and terminates entire verification process, then in credible label Verification
Result display module prompt time stabs authentication failed;
Step 6: digital certificate authentication module obtains digital certificate information from reading information, and verifies to it, such as
Then credible label is insincere for fruit authentication failed, and terminates entire verification process, then in credible label Verification result display module
Middle prompt digital certificate authentication failure, meets following three situation and is believed that credible label owner's (i.e. commodity production manufacturer)
Identity is credible:
A. if digital certificate is legal and still in validity period, then it is assumed that the identity of commodity production manufacturer is credible;
B. if digital certificate is although legal but be revoked, but when the generation time of timestamp is earlier than digital certificate revocation
Between, and the revocation of certificate the reason is that because of certificate expired, then the identity of commodity production manufacturer is credible, and shows mould in verification result
Prompt the revocation of digital certificate the reason is that certificate expired in block;
C. if digital certificate is although legal but be revoked, but when the generation time of timestamp is earlier than digital certificate revocation
Between, and the revocation of certificate the reason is that because certificate and private key is divulged a secret, then the identity of commodity production manufacturer still has lower credible
Degree, needs clearly to prompt the revocation of digital certificate the reason is that certificate and private key is divulged a secret to user in verification result display module.
Step 7: digital signature authentication module obtains digital signature from reading information and verifies to it, if tested
Card passes through, then the credible label is not tampered with or forges, and the content in credible label is credible, and otherwise label substance is insincere simultaneously
Terminate entire verification process, digital signature authentication failure is then prompted in credible label Verification result display module;
Step 8: tag identifier authentication module obtains tag identifier from reading information, inquires credible label Verification service
Whether the tag identifier has had verifying to record in device, if do not recorded, this verifying thing is recorded on authentication server
The information of part is (locating when including facility information used in verification time, verifier, the IP address of verifier, verifier's verifying
Geographical location etc.), and continue the verifying of credible label;If have existed record, and credible label be it is reproducible, then directly
It connects and jumps to step 10;
Step 9: commodity sign authentication module obtains commodity sign from reading information, in credible label Verification server
Whether middle inquiry commodity sign has had verifying to record, if do not recorded, this verifying is recorded on authentication server
The information of event;
Step 10: credible label Verification result display module is read and display label identity verification module and commodity sign are tested
Card module return as a result, if credible label be it is irreproducible, show verification time for the first time and merchandise news;If can
Beacon label are reproducible, and this verifying is the verifying for the first time bought after commodity, and without being somebody's turn to do on authentication server
The tag identifier of credible label and the verifying record of commodity sign, then the commodity are from the factory for possessing the digital certificate
Otherwise quotient shows that the credible label is to obtain by duplication, and judge the commodity for fakement;If this verifying is purchase commodity
Afterwards non-is verified for the first time, and does not have the verifying of the credible label to record but have existed identical commodity mark on authentication server
The verifying of knowledge records, then shows that the commodity from the production firm for possessing the digital certificate, and are bought in the commodity sign
It is corresponding to verify recorded time for the first time, otherwise show that the credible label is to obtain by duplication and the commodity are fakement.
According to Fig. 4, specific embodiments of the present invention (three) are as described below:
Step 1: tag identifier generation module generates tag identifier;Commodity sign generation module generates commodity sign;According to
Label raw information, tag identifier and commodity sign and the identity information of commodity production manufacturer generate digital digest, and to can
Letter identity time-stamping service center is filed an application, after the identity of commodity production manufacturer is verified at trusted identity time-stamping service center,
According to the digital digest, precise date/time by the identity information of audit, and from authoritative time source is signed
Name generates trusted identity timestamp;
Step 2: credible tag generation module according to raw information, tag identifier, commodity sign, production firm identity
Information and trusted identity timestamp and generation parameter appropriate, generate credible label;
Step 3: when using and verifying credible label, credible label is carried out by credible tag readable degree module correct
Recognition, when extracting information therein, and being output to tag identifier authentication module, commodity sign authentication module and trusted identity
Between stab authentication module;
Step 4: trusted identity timestamp verification module obtains trusted identity timestamp information from reading information and to it
Verifying, if the verification passes, then shows that credible label is complete, otherwise credible label is insincere and terminates entire verification process, so
Trusted identity timestamp authentication failed is prompted in credible label Verification result display module afterwards;
Step 5: tag identifier authentication module obtains tag identifier from reading information, inquires credible label Verification service
Whether the tag identifier has existed verifying record in device, if do not recorded, this verifying is recorded on authentication server
The information of event is (locating when including facility information used in verification time, verifier, the IP address of verifier, verifier's verifying
Geographical location etc.), and continue the verifying of credible label;If have existed record, and credible label be it is reproducible, then
Leap to step 7;
Step 6: commodity sign authentication module obtains commodity sign from reading information, in credible label Verification server
Whether middle inquiry commodity sign has existed verifying record, if do not recorded, records this on authentication server and tests
The information of card event;
Step 7: credible label Verification result display module is read and display label identity verification module and commodity sign are tested
Card module return as a result, if credible label be it is irreproducible, show verification time for the first time and merchandise news;If can
Beacon label are reproducible, and this verifying is the verifying for the first time bought after commodity, and without being somebody's turn to do on authentication server
The tag identifier of credible label and the verifying record of commodity sign, then the commodity are from body described in trusted identity timestamp
Otherwise the corresponding production firm of part information shows that the credible label is to obtain by duplication, and judge the commodity for fakement;If
This verifying is that non-after buying commodity is verified for the first time, and do not have on authentication server the verifying of the credible label record but
The verifying record for having existed identical commodity sign, then show that the commodity are believed from identity described in trusted identity timestamp
Corresponding production firm is ceased, and buys verifying the recorded time for the first time corresponding in the commodity sign, otherwise shows that this is credible
Label be by duplication obtain and the commodity be fakement.
According to Fig. 5, specific embodiments of the present invention (four) are as described below:
Step 1: commodity production manufacturer generates the private cipher key of oneself by unsymmetrical key generation module and discloses close
Key, and public key information and the identity information of production firm are updated to public key information library, it is generated by tag identifier
Module generates the tag identifier of credible label, and the commodity sign of credible label is generated by commodity sign generation module;
Step 2: public-key cryptography that commodity production manufacturer obtains the step 1, raw information (including commerical batches,
Commodity production time, production site, Corporation web site etc.), tag identifier and commodity sign input digital signature generation module with life
At digital signature;
Step 3: credible tag generation module according to credible label raw information, tag identifier, commodity sign, disclose it is close
Key information, digital signature and generation parameter appropriate, generate credible label;
Step 4: when using or verifying credible label, credible label is carried out by credible tag readable degree module correct
Recognition, extracts information therein, and be output to public-key cryptography authentication module, digital signature authentication module, tag identifier and test
Demonstrate,prove module and commodity sign authentication module;
Step 5: public-key cryptography authentication module obtains public key information from reading information, and in public-key cryptography library
Inquiry whether there is the disclosure key, if it is present thinking that the disclosure key is legal, otherwise terminate verification process and assert to be somebody's turn to do
Commodity are fakement.
Step 6: digital signature authentication module obtains digital signature from reading information and verifies to it, if tested
Card passes through, then the credible label is not tampered with or forges, and the content in credible label is credible, otherwise terminates verification process and recognizes
The fixed commodity are fakement;
Step 7: tag identifier authentication module obtains tag identifier from reading information, inquires credible label Verification service
Whether the tag identifier has existed verifying record in device, if do not recorded, this verifying is recorded on authentication server
The information of event is (locating when including facility information used in verification time, verifier, the IP address of verifier, verifier's verifying
Geographical location etc.), and continue the verifying of credible label;If have existed record, and credible label be it is reproducible, then
Leap to step 9;
Step 8: the commodity sign authentication module of credible label obtains commodity sign from reading information, in credible label
Inquire whether the commodity sign has existed verifying record in authentication server, if do not recorded, on authentication server
The information for recording this verifying event, otherwise exports already existing verifying event information to credible label Verification as the result is shown
Module;
Step 9: credible label Verification result display module read and show credible label tag identifier authentication module and
Commodity sign authentication module return as a result, if credible label be it is irreproducible, show verification time for the first time and commodity
Information;If credible label is reproducible, and this verifying is the verifying for the first time bought after commodity, and in the service for checking credentials
There is no the verifying of the tag identifier of the credible label and commodity sign record on device, then the commodity are from possessing the disclosure key
Production firm, otherwise show that the credible label is obtained by duplication, and judge the commodity for fakement;If this verifying is
Non- after purchase commodity is verified for the first time, and does not have the record of the credible label on authentication server but has existed identical quotient
The record of product mark then shows that the commodity from the production firm for possessing the disclosure key, and are bought in the commodity sign pair
That answers verifies recorded time for the first time, otherwise shows that the credible label is to obtain by duplication and the commodity are fakement.
According to Fig. 6, specific embodiments of the present invention (five) are as described below:
Step 1: being that commodity production manufacturer generates private cipher key and public-key cryptography by IBC or CPK key generation centre,
The tag identifier that credible label is generated by tag identifier generation module generates credible label by commodity sign generation module
Commodity sign;
Step 2: public key information that commodity production manufacturer obtains the step 1, raw information (including commodity batch
Secondary, commodity production time, production site, Corporation web site etc.), tag identifier and commodity sign input digital signature generation module with
Generate digital signature;
Step 3: credible tag generation module according to credible label raw information, tag identifier, commodity sign, disclose it is close
Key information, digital signature and generation parameter appropriate, generate credible label;
Step 4: when using or verifying credible label, credible label is carried out by credible tag readable degree module correct
Recognition, extracts information therein, and be output to digital signature authentication module, tag identifier authentication module and commodity sign and test
Demonstrate,prove module;
Step 5: digital signature authentication module obtains digital signature from reading information and verifies to it, if tested
Card passes through, then the credible label is not tampered with or forges, and the content in credible label is credible, otherwise terminates verification process and recognizes
The fixed commodity are fakement;
Step 6: tag identifier authentication module obtains tag identifier from reading information, inquires credible label Verification service
Whether the tag identifier has existed verifying record in device, if do not recorded, this verifying is recorded on authentication server
The information of event is (locating when including facility information used in verification time, verifier, the IP address of verifier, verifier's verifying
Geographical location etc.), and continue the verifying of credible label;If have existed record, and credible label be it is reproducible, then
Leap to step 8;
Step 7: the commodity sign authentication module of credible label obtains commodity sign from reading information, in credible label
Inquire whether the commodity sign has existed verifying record in authentication server, if do not recorded, on authentication server
The information for recording this verifying event, otherwise exports already existing verifying event information to credible label Verification as the result is shown
Module;
Step 8: credible label Verification result display module read and show credible label tag identifier authentication module and
Commodity sign authentication module return as a result, if credible label be it is irreproducible, show verification time for the first time and commodity
Information;If credible label is reproducible, and this verifying is the verifying for the first time bought after commodity, and in the service for checking credentials
There is no the verifying of the tag identifier of the credible label and commodity sign record on device, then the commodity are from possessing the disclosure key
Production firm, otherwise show that the credible label is obtained by duplication, and judge the commodity for fakement;If this verifying is
Non- after purchase commodity is verified for the first time, and does not have the record of the credible label on authentication server but has existed identical quotient
The record of product mark then shows that the commodity from the production firm for possessing the disclosure key, and are bought in the commodity sign pair
That answers verifies recorded time for the first time, otherwise shows that the credible label is to obtain by duplication and the commodity are fakement.
Basic principles and main features and advantage of the invention have been shown and described above.The technical staff of the industry should
Understand, the present invention is not limited to the above embodiments, and the above embodiments and description only describe originals of the invention
Reason, without departing from the spirit and scope of the present invention, the present invention also has various change, these variations both fall within requirement and protect
In the scope of the invention of shield.The claimed scope of the invention is defined by the following claims.
Claims (13)
1. generation and the verification method of a kind of credible label based on rivest, shamir, adelman, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable credible that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, credible label raw information is determined
The authenticity and non repudiation of integrality and non-repudiation and credible label owner identity;
The credible tag encryption protocol module includes digital certificate information and digital signature information;It is verified in step 4 credible
When tag encryption protocol module, the validity by verifying the digital certificate information in credible label verifies credible label owner
Identity, the integrality of credible label raw information is determined by verifying the digital signature information in credible label.
2. generation and the verification method of a kind of credible label based on rivest, shamir, adelman, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable credible that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, credible label raw information is determined
The authenticity and non repudiation of integrality and non-repudiation and credible label owner identity;
The credible tag encryption protocol module includes digital certificate information, digital signature information, trusted timestamp or can
Believe identity timestamp information;When step 4 verifies credible tag encryption protocol module, by verifying the number in credible label
The validity of certificate information authenticates the identity of credible label owner, is determined by the digital signature information verified in credible label
The integrality of the raw information of credible label, by verifying trusted timestamp or trusted identity timestamp letter in credible label
Breath ensures that credible label generates the integrality of time and content.
3. generation and the verification method of a kind of credible label based on rivest, shamir, adelman, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable credible that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, credible label raw information is determined
The authenticity and non repudiation of integrality and non-repudiation and credible label owner identity;
The credible tag encryption protocol module includes trusted identity timestamp information;Verifying credible tag encryption agreement mould
When block, pass through the trusted identity timestamp information in the credible label of verifying, it is ensured that credible label generates the complete of time and content
Whole property, and the identity of the credible label owner of certification.
4. generation and the verification method of a kind of credible label based on rivest, shamir, adelman, comprising the following steps:
Step 1: credible tag format is set by raw information;
Step 2: credible tag encryption protocol module is set;
Step 3: it is believable credible that encryption is generated according to the raw information of credible tag format and credible tag encryption protocol module
Label;
Step 4: when verifying credible label, by verifying credible tag encryption protocol module, credible label raw information is determined
The authenticity and non repudiation of integrality and non-repudiation and credible label owner identity;
The credible tag encryption protocol module includes public key information, digital signature information, trusted timestamp or can
Believe identity timestamp information;
When verifying credible tag encryption protocol module, the true of label owner's identity is verified by verifying public key information
Reality and non repudiation determine the integrality of credible label raw information by verifying the digital signature information in credible label
And non repudiation, ensure credible label by verifying trusted timestamp in credible label or trusted identity timestamp information
Generate the integrality of time and content.
5. generation and the verification method of the credible label according to claim 4 based on rivest, shamir, adelman, feature
It is:
Public key information in the credible label authenticates the identity of credible label owner according to the following method:
A. if public-key cryptography and private cipher key are raw by the key generation centre of identity-based id password system (IBC)
At then the public key information includes the parameter information of public-key cryptography and verifying signature, or including storage public-key cryptography letter
The network address information of breath, or include the query information for inquiring the database comprising public key information;
If the digital signature authentication in credible label passes through, prove that public-key cryptography is legal, has also turned out credible label and gathered around
The identity for the person of having is credible;
B. if public-key cryptography and private cipher key are generated by the key generation centre of Conbined public or double key management system (CPK),
The public key information includes public key matrix and mapping algorithm, or the letter of the network address including storing public key information
Breath, or include the query information for inquiring the database comprising public key information;If the number label in credible label
Name is verified, then the entity identifier for including in attestation-signatures is legal, and the identity for also having turned out credible label owner is credible;
C. it if public-key cryptography is the common key not comprising identification information, and is not included in digital certificate, then it is described
Public key information includes public-key cryptography, perhaps including storing the network address information of public key information or including being used for
Inquiry comprising public key information database query information, when verify public-key cryptography legitimacy need inquire locally or
Public-key cryptography library in cloud server,
If there are the digital signature authentications in the public key information and credible label to pass through in public-key cryptography library,
Think that the identity of credible label owner is credible, it is otherwise insincere;
If the corresponding private cipher key of public-key cryptography has been leaked or failed, deleted in the public-key cryptography library in local or cloud
Corresponding public key information;Signature or Encryption Algorithm may be embodied in public key information, also can store in local
Or cloud;
D. if public-key cryptography is included in the digital certificate of oneself signature, the identity for authenticating credible label owner uses the C
Method;If public-key cryptography is included in the digital certificate that authentication center CA is signed and issued, the public key information includes
Digital certificate information, network address information perhaps including digital certificate information or including for inquiring comprising number
The query information of the database of certificate information, if digital certificate authentication passes through, and the digital signature authentication in credible label
Pass through, then the identity of credible label owner is credible, otherwise insincere.
6. generation and the verification method of the credible label according to claim 2 or 3 based on rivest, shamir, adelman, special
Sign is: the trusted identity timestamp is by trusted identity time stamp server to the precise date from authoritative time source
And the time, according to credible label raw information generate digital digest, the identity information of the credible label owner by audit,
It is digitally signed and generates.
7. generation and the authentication of the credible label according to any one of claims 1-4 based on rivest, shamir, adelman
Method, it is characterised in that:
If credible label is a kind of graphical label, by adjusting the resolution ratio and graphic printing ruler of credible label generated
It is very little, make to republish the picture of credible label obtained after replicating or the digital information for being included it is different, thus by comparing institute
The picture of the label of verifying or the digital information for being included whether with the picture of the credible label of the first printing saved or
Digital information unanimously achievees the purpose that credible label anti-copying;
If there is credible label error correcting capability to make by adjusting the resolution ratio and graphic printing size of credible label graphic
The first printing introduce mistake within the scope of the error correcting capability of credible label, and make by duplication the first printing can beacon
The mistake for printing introducing again for signing figure is more than the error correcting capability of credible label, to realize the credible label of the first printing
It can correctly be distinguished, and the credible label of copying and printing can not be distinguished correctly;
It in the label include the dimension information of label printed pattern if credible label is a kind of graphical label of anti-copying,
When verifying credible label, figure mark is determined by size nominal in the full-size(d) and label of comparison current Graphics label
Whether label are replicated.
8. the generation of any credible label based on rivest, shamir, adelman and authentication in -5 according to claim 1
Method, it is characterised in that:
Include credible tag identifier in the raw information of the credible label, is one for identifying the unique of a credible label
Coding;
Include commodity sign in the raw information of the credible label, is one for identifying unique coding an of commodity;
If a credible label can be replicated, need to be tested for the first time in each credible label comprising credible tag identifier
When card, the record verifying event information in authentication module or background server uses one or more tools on the part commodity
There is the credible label of the Unique Product mark of the commodity, wherein the commodity sign of each credible label part commodity having the same
With respective unique tag identifier, each credible label is secrecy before verifying for the first time;
If a credible label be it is irreproducible, for the first time verify before do not need to make at any secrecy the credible label
Reason;
If the tag identifier of a credible label is that irreproducible and label other contents can be written, this
Label can be recorded and be recycled in background program after commodity are used, and then re-write new commodity sign for another
Part commodity it is anti-fake.
9. generation and the authentication of the credible label according to any one of claims 1-4 based on rivest, shamir, adelman
Method, it is characterised in that:
Effective storage life in the raw information of the credible label comprising the label is tested simultaneously when verifying credible label
Current time is demonstrate,proved whether in the effective storage life of the label, if current time is not in the effective storage life of the label
Interior, then the credible label is insincere.
10. generation and the authentication of the credible label according to any one of claims 1-4 based on rivest, shamir, adelman
Method, it is characterised in that:
If including digital certificate information in credible label, when being verified, show that digital certificate is believed in display module
Breath, so that verifier be facilitated to understand the identity information of credible label owner and the issuer information of digital certificate;
If in credible label include timestamp information, when being verified in display module Presentation Time Stamp information, from
And verifier is facilitated to understand generation time of credible label;
If including trusted identity timestamp in credible label, trusted identity timestamp information is shown when being verified, from
And verifier is facilitated to understand the generation time of credible label and the identity information of credible label owner;
If successful acquisition is to the time t1 and position of this time t2 verified and location information P2 and last time good authentication
Information P1 then calculates the displacement R=(P2-P1) and time difference T=(t2-t1) verified twice, and obtains speed V=R/T,
If the value of speed V is more than the early warning speed of setting, warning information is generated in display module.
11. generation and the authentication of the credible label according to any one of claims 1-4 based on rivest, shamir, adelman
Method, it is characterised in that:
A. the credible label includes at least one of:
A. complete digital certificate content;
B. the partial content of digital certificate;
C. the network storage address of digital certificate;
D. digital certificate library information;
E. digital certificate LIST SERVER information;
F. complete digital certificate chain information;
G. the network storage address of digital certificate chains;
H. for inquiring the query information of the database comprising digital certificate or digital certificate chains;
I. complete digital signature;
J. the network storage address of digital signature;
K. for inquiring the query information of the database comprising digital signature;
L. complete public key information;
M. the network storage address of public key information;
N. for inquiring the query information of the database comprising public key information;
O. the tag identifier of credible label;
P. the commodity sign of credible label;
Q. the validity period of credible label;
R. complete credible label raw information;
S. the HASH value of credible label raw information;
T. the network storage address of credible label raw information;
U. for inquiring the query information of the database comprising raw information;
V. the identity information of credible label owner;
W. the network address of credible label Verification server;
B. it if the credible label includes the network storage address of digital certificate or digital certificate chains, verifies credible label and adds
Pass through network downloading digital certificate when close protocol module;
C. if the credible label includes the information of digital certificate library or LIST SERVER, credible tag encryption is verified
Pass through network downloading or enquiring digital certificate when protocol module;
D. if the credible label includes the network storage address of public key information, credible tag encryption agreement mould is verified
Public key information is downloaded by network when block;
E. if the credible label includes the network storage address of digital signature, credible tag encryption protocol module is verified
When digital signature downloaded by network;
F. if the credible label includes the network storage address of trusted timestamp or trusted identity timestamp, verifying can
Trusted timestamp or trusted identity timestamp are downloaded by network when beacon label cryptographic protocol module;
G. if including the identity information of credible label owner in the credible label raw information, credible label is verified
When can pass through identity information, the identity information in digital certificate, trusted identity time compared in credible label raw information
Whether the identity information in stamp is credible come the identity for further verifying credible label owner;
H. the downloading and verifying of the credible label information may operate in the local of authentication module, also may operate in cloud
End;
I. the raw information can be in plain text, can also be by encryption;
J. the raw information can be label original contents perhaps the HASH value of original contents or the net of original contents
Network storage address, or the query information for inquiring the database comprising original contents;
It K., can be credible tag encryption agreement mould if there is the credible label full stop to indicate that raw information terminates
Block is placed on behind the full stop;
L. the credible label is the form of printing or electronics;
M. the credible label is two dimensional code perhaps customized pattern perhaps RFID tag or NFC label, Huo Zhe electricity
Subtab perhaps chip tag or sensor tag.
12. a kind of anti-counterfeiting system of credible label, including unsymmetrical key or digital certificate generate center, credible tag encryption association
Discuss module storage server, credible label generates and verifying equipment and credible label Verification server, it is characterised in that:
Unsymmetrical key or digital certificate generate center, are used to generate digital certificate or asymmetric close to credible label owner
Key;
Credible tag encryption protocol module storage server, for storing the credible tag encryption agreement mould of credible label owner
Block message, including public key information or digital certificate information or digital signature information or trusted timestamp or trusted identity
Timestamp information;
Credible label Verification server can also for recording the verifying event of credible label and the details of anti-counterfeit commodities
With the authentication module for executing credible label, cloud verifying is realized;
The generation of credible label with verifying equipment include:
Trusted timestamp generation module generates digital digest according to credible label substance, and to the trusted timestamp server
Apply for trusted timestamp, and the trusted timestamp is inputted into credible tag generation module;
Trusted identity timestamp generation module generates digital digest according to credible label raw information, and to the trusted identity
Time stamp server application trusted identity timestamp, and the trusted identity timestamp is inputted into credible tag generation module;
The tag identifier generation module of credible label generates unique tag identifier for each label;
The commodity sign generation module of credible label is that every commodity generate unique commodity sign;
Unsymmetrical key generation module generates oneself private cipher key and public-key cryptography for label owner;
Credible tag generation module, according to credible label raw information or tag identifier or commodity sign or label
Validity period or public key information or digital certificate information or digital signature information or trusted timestamp can
Believe identity timestamp information, generates credible label;
Credible tag readable degree module extracts the digital certificate information being verified in credible label, and is output to digital certificate
Authentication module;The digital signature being verified in credible label is extracted, and is output to digital signature authentication module;Extraction is tested
The trusted timestamp in credible label is demonstrate,proved, and is output to trusted timestamp authentication module;Extraction is verified in credible label
Trusted identity timestamp, and be output to trusted identity timestamp verification module;Extract the mark being verified in credible label
Label mark, and it is output to tag identifier authentication module;The commodity sign being verified in credible label is extracted, and is output it
To commodity sign authentication module;
Digital certificate authentication module, verifying digital certificate information confirm the authenticity of credible label owner identity;
Digital signature authentication module, verifying digital signature confirm the integrality of credible label substance;
Trusted timestamp authentication module, verifying trusted timestamp confirm the integrality of credible label substance and the life of credible label
At the time;
Trusted identity timestamp verification module verifies the integrality that the trusted identity timestamp confirms credible label substance,
The authenticity of the generation time of credible label and credible label owner identity;
Whether the tag identifier authentication module of credible label inquires in local or credible label Verification server the tag identifier
There is verifying to record, if it is verifying for the first time, then records the information of this verifying event on local or authentication server, otherwise
Return to already existing verifying event information;
The commodity sign authentication module of credible label records the sheet of the commodity sign on local or credible label Verification server
Secondary verifying event information, and return to already existing verifying event information;
Credible label Verification result display module, when showing that the digital certificate information after being verified or credible label generate
Between, or corresponding verifying event information and merchandise news.
13. a kind of anti-counterfeiting system of credible label described in claim 12, it is characterised in that:
Credible tag encryption protocol module storage server be X.500 LIST SERVER perhaps ldap directory server or
Web server perhaps ftp server perhaps dns server or cloud storage service device;
Credible label Verification server is with recording credible label Verification event, commodity purchasing event, commodity details
Data server;
Credible label Verification server can execute credible label Verification module to realize the cloud verifying of credible label.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510454896.5A CN105024824B (en) | 2014-11-05 | 2015-07-29 | The generation and verification method and system of credible label based on rivest, shamir, adelman |
PCT/CN2016/084875 WO2017016318A1 (en) | 2014-11-05 | 2016-06-04 | Credible label generation and verification method and system based on asymmetric cryptographic algorithm |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410618158 | 2014-11-05 | ||
CN2014106181585 | 2014-11-05 | ||
CN201510454896.5A CN105024824B (en) | 2014-11-05 | 2015-07-29 | The generation and verification method and system of credible label based on rivest, shamir, adelman |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105024824A CN105024824A (en) | 2015-11-04 |
CN105024824B true CN105024824B (en) | 2018-12-21 |
Family
ID=54414560
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510454896.5A Active CN105024824B (en) | 2014-11-05 | 2015-07-29 | The generation and verification method and system of credible label based on rivest, shamir, adelman |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN105024824B (en) |
WO (1) | WO2017016318A1 (en) |
Families Citing this family (63)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105024824B (en) * | 2014-11-05 | 2018-12-21 | 浙江码博士防伪科技有限公司 | The generation and verification method and system of credible label based on rivest, shamir, adelman |
CN105447710A (en) * | 2015-11-12 | 2016-03-30 | 东北大学 | Commodity authenticity verification system and commodity authenticity verification method based on two-dimensional barcode in e-commerce |
CN108243402B (en) * | 2015-12-09 | 2021-06-01 | Oppo广东移动通信有限公司 | Method and device for reading and writing smart card |
CN105427117A (en) * | 2015-12-18 | 2016-03-23 | 沈阳圆梦科技有限公司 | Universal traceable anti-fake system of agricultural products based on electronic data preservation technology and method of same |
CN105634741A (en) * | 2015-12-24 | 2016-06-01 | 上海莱柏信息科技有限公司 | Identity authentication method based on trusted tag and identity authentication system based on trusted tag |
SG10201600192TA (en) * | 2016-01-11 | 2017-08-30 | Mastercard Asia Pacific Pte Ltd | A Method For Dynamic Authentication Of An Object |
CN105590227A (en) * | 2016-01-14 | 2016-05-18 | 姜智广 | Dynamic verification method, apparatus, and system of authenticity of commodity |
CN106027479B (en) * | 2016-01-21 | 2019-04-05 | 李明 | A kind of method for dynamically processing and system of authentication ids information process request |
GB2547025A (en) * | 2016-02-05 | 2017-08-09 | Thales Holdings Uk Plc | A method of data transfer, a method of controlling use of data and a cryptographic device |
JP6760740B2 (en) * | 2016-02-26 | 2020-09-23 | 東芝テック株式会社 | Receipt server and program |
CN107169769A (en) * | 2016-03-08 | 2017-09-15 | 广州市动景计算机科技有限公司 | The brush amount recognition methods of application program, device |
CN106022738A (en) * | 2016-06-02 | 2016-10-12 | 中国联合网络通信集团有限公司 | Two-dimensional code safety payment method, terminal, and system |
CN106452756B (en) * | 2016-11-08 | 2018-03-30 | 王栋 | Can the safe Quick Response Code construction verification method of off-line verification and device |
CN106452734A (en) * | 2016-12-17 | 2017-02-22 | 上海莱柏信息科技有限公司 | Trusted tag generation method based on secure element and trusted tag generation system thereof |
CN107067056A (en) * | 2017-02-14 | 2017-08-18 | 阿里巴巴集团控股有限公司 | Two-dimensional code generation method and its equipment and two-dimensional code identification method and its equipment |
CN106897761A (en) * | 2017-03-06 | 2017-06-27 | 山东渔翁信息技术股份有限公司 | A kind of two-dimensional code generation method and device |
CN107154848A (en) * | 2017-03-10 | 2017-09-12 | 深圳市盾盘科技有限公司 | A kind of data encryption based on CPK certifications and storage method and device |
CN107103255A (en) * | 2017-04-27 | 2017-08-29 | 百望电子发票数据服务有限公司 | A kind of electronic invoice layout files verification method and system |
CN107392612A (en) * | 2017-06-05 | 2017-11-24 | 广东工业大学 | A kind of method based on traffic Quick Response Code transaction verification |
CN107038470B (en) * | 2017-06-09 | 2024-03-22 | 李娟� | NFC network intelligent code-teaching machine |
CN107316182A (en) * | 2017-06-30 | 2017-11-03 | 福建亿榕信息技术有限公司 | A kind of generation method of electronic contract chain of evidence and generation system |
WO2019012310A1 (en) * | 2017-07-11 | 2019-01-17 | Yuen Hon Man Honmy | Facility media access safeguard systems |
CN109495268B (en) * | 2017-09-12 | 2020-12-29 | 中国移动通信集团公司 | Two-dimensional code authentication method and device and computer readable storage medium |
CN107944526B (en) * | 2017-10-19 | 2021-02-23 | 浙江码博士防伪科技有限公司 | Tamper-proof and copy-proof two-dimensional code anti-counterfeiting method |
CN108366370B (en) * | 2018-02-02 | 2019-08-02 | 东南大学 | A kind of information transferring method quantifying privately owned asymmetric key based on radio channel characteristic |
JP2019148930A (en) * | 2018-02-26 | 2019-09-05 | 株式会社オプトエレクトロニクス | Two-dimensional code, system and method for outputting two-dimensional code, system and method for reading two-dimensional code, and program |
CN108764930A (en) * | 2018-03-23 | 2018-11-06 | 成都众宜天成科技有限公司 | The implementation method of commodity counterfeit prevention verification platform based on block chain structure |
CN108681904A (en) * | 2018-04-01 | 2018-10-19 | 蒋欣言 | A kind of fake certification implementation method of bottled formula commodity |
CN109034805B (en) * | 2018-08-09 | 2022-09-02 | 江苏先安科技有限公司 | Timestamp signature verification method suitable for block chain and embedded field |
CN109409472B (en) | 2018-08-24 | 2022-11-22 | 创新先进技术有限公司 | Two-dimensional code generation method, data processing device and server |
CN110955868A (en) * | 2018-09-27 | 2020-04-03 | 千寻位置网络有限公司 | Certificate expiration verification method and device and terminal equipment |
CN109615030A (en) * | 2018-10-12 | 2019-04-12 | 阿里巴巴集团控股有限公司 | Dimension code anti-counterfeit method, equipment and system based on security application |
US11568424B2 (en) | 2018-10-18 | 2023-01-31 | CPI Card Group—Colorado, Inc. | Method and system for product authentication |
CN109617675B (en) * | 2018-11-15 | 2024-02-06 | 国网电动汽车服务有限公司 | Method and system for authenticating identifiers of both sides between charge and discharge facility and user terminal |
CN109543791B (en) * | 2018-11-20 | 2022-01-25 | 白绍江 | Product anti-counterfeiting verification method and system |
CN109544182B (en) * | 2018-11-20 | 2021-05-14 | 孟凡富 | Product anti-counterfeiting verification method and system |
CN109583555B (en) * | 2018-11-20 | 2022-02-22 | 王建新 | Product anti-counterfeiting electronic tag authentication method and system |
CN109905360B (en) * | 2019-01-07 | 2021-12-03 | 平安科技(深圳)有限公司 | Data verification method and terminal equipment |
CN109886006A (en) * | 2019-02-28 | 2019-06-14 | 尤尼泰克(嘉兴)信息技术有限公司 | A kind of information source checking method and device based on two dimensional code |
CN110147666B (en) * | 2019-03-29 | 2022-12-16 | 西安电子科技大学 | Lightweight NFC identity authentication method in scene of Internet of things and Internet of things communication platform |
CN110009079A (en) * | 2019-04-17 | 2019-07-12 | 尤尼泰克(嘉兴)信息技术有限公司 | A kind of label identification method and equipment based on two dimensional code |
CN110472716A (en) * | 2019-08-21 | 2019-11-19 | 深圳市深华方科技有限公司 | A kind of generation method of two dimensional code, two-dimension code generator and anti-counterfeiting system |
CN110472715A (en) * | 2019-08-21 | 2019-11-19 | 深圳市深华方科技有限公司 | A kind of generation method of dynamic two-dimension code, two-dimension code generator and anti-counterfeiting system |
CN112464253A (en) * | 2019-09-09 | 2021-03-09 | 云南天质弘耕科技有限公司 | Large-scale agricultural product traceability management system based on block chain technology |
CN110969445B (en) * | 2019-10-31 | 2024-05-28 | 广州市人民印刷厂股份有限公司 | NFC-based anti-counterfeiting method |
CN110912693B (en) * | 2019-11-22 | 2022-06-03 | 福建金密网络安全测评技术有限公司 | Digital certificate format compliance detection system |
CN110830237B (en) * | 2019-11-29 | 2023-05-12 | 晋商博创(北京)科技有限公司 | CPK key generation method, device, entity and key center based on time |
CN111178913A (en) * | 2019-12-31 | 2020-05-19 | 天津津滨信钥信息技术有限公司 | Product quality assurance generation and verification method, device, server and storage medium |
CN111260010A (en) * | 2020-01-20 | 2020-06-09 | 浙江中国轻纺城网络有限公司 | Processing method, device and equipment for user-defined two-dimensional code label |
CN111260528B (en) * | 2020-02-07 | 2021-09-28 | 赵�智 | Real estate information verification method based on asymmetric algorithm |
CN111091398B (en) * | 2020-03-19 | 2020-08-25 | 北京达邦食安科技有限公司 | Agricultural product traceability system |
US11645424B2 (en) | 2020-04-27 | 2023-05-09 | International Business Machines Corporation | Integrity verification in cloud key-value stores |
CN111698093B (en) * | 2020-06-11 | 2022-07-15 | 江苏海洋大学 | Digital timestamp issuing and verifying method based on PKI system |
CN112699360B (en) * | 2020-12-30 | 2023-07-04 | 北京天融信网络安全技术有限公司 | Hardware anti-counterfeiting method and device, readable storage medium and electronic equipment |
CN113641301A (en) * | 2021-02-19 | 2021-11-12 | 中国建设银行股份有限公司 | Data management method and device |
CN112865972B (en) * | 2021-03-31 | 2023-03-14 | 深圳市巽震科技孵化器有限公司 | Initialization method, device and system based on digital certificate platform and storage device |
CN113556748B (en) * | 2021-06-23 | 2023-06-16 | 中国联合网络通信集团有限公司 | Signaling tracing identification method, device and system |
CN114492491B (en) * | 2022-01-24 | 2022-09-13 | 芯电智联(北京)科技有限公司 | Data management system for NFC label application |
CN114491671B (en) * | 2022-01-27 | 2022-10-14 | 宋舒涵 | Market supervision commodity label tracing method and system based on block chain |
US20230308439A1 (en) * | 2022-03-22 | 2023-09-28 | Cisco Technology, Inc. | Distributed hierarchical authentication of system component identities |
US11954007B2 (en) | 2022-04-20 | 2024-04-09 | International Business Machines Corporation | Tracking usage of common libraries by means of digitally signed digests thereof |
CN115277093B (en) * | 2022-06-24 | 2024-03-26 | 北京奕斯伟计算技术股份有限公司 | Tamper verification method, tamper verification system, tamper verification device and electronic equipment |
CN115913563B (en) * | 2022-10-09 | 2023-09-29 | 鼎铉商用密码测评技术(深圳)有限公司 | Electronic signature generation method, verification method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101520865A (en) * | 2009-03-31 | 2009-09-02 | 薛忠华 | Anti-drug counterfeiting method using radio frequency electronic tag and public key infrastructure |
CN103795546A (en) * | 2014-02-18 | 2014-05-14 | 广东数字证书认证中心有限公司 | Generating method and authentication method of data label and system of generating method and authentication method |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030063772A1 (en) * | 2001-09-06 | 2003-04-03 | Smith Joshua R. | System and method for authentication and tracking of a workpiece that includes an optically active medium |
JP5115424B2 (en) * | 2008-09-24 | 2013-01-09 | 富士ゼロックス株式会社 | Time certification apparatus, time certification method, and program |
CN102779263A (en) * | 2012-06-19 | 2012-11-14 | 袁开国 | Credible two-dimensional code scheme based on public key infrastructure (PKI) and digital signature |
CN104348870A (en) * | 2013-08-02 | 2015-02-11 | 航天信息股份有限公司 | Data management method and system of cloud storage system based on trusted timestamp |
CN103514410B (en) * | 2013-09-30 | 2017-01-18 | 上海市数字证书认证中心有限公司 | Dependable preservation and evidence collection system and method for electronic contract |
CN103839097A (en) * | 2014-03-20 | 2014-06-04 | 武汉信安珞珈科技有限公司 | Method and device for generating two-dimension code based on digital signature |
CN104008322B (en) * | 2014-06-14 | 2016-10-05 | 河南融信数据有限公司 | Quick Response Code publisher's identity identifying method based on reliable digit signature |
CN105635070B (en) * | 2014-11-05 | 2019-12-27 | 许田 | Anti-counterfeiting method and system for digital file |
CN105024824B (en) * | 2014-11-05 | 2018-12-21 | 浙江码博士防伪科技有限公司 | The generation and verification method and system of credible label based on rivest, shamir, adelman |
-
2015
- 2015-07-29 CN CN201510454896.5A patent/CN105024824B/en active Active
-
2016
- 2016-06-04 WO PCT/CN2016/084875 patent/WO2017016318A1/en active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101520865A (en) * | 2009-03-31 | 2009-09-02 | 薛忠华 | Anti-drug counterfeiting method using radio frequency electronic tag and public key infrastructure |
CN103795546A (en) * | 2014-02-18 | 2014-05-14 | 广东数字证书认证中心有限公司 | Generating method and authentication method of data label and system of generating method and authentication method |
Non-Patent Citations (1)
Title |
---|
可信时间戳构筑电子档案安全堡垒;杨茜雅等;《档案与建设》;20130715(第7期);第1.1-1.3节 * |
Also Published As
Publication number | Publication date |
---|---|
CN105024824A (en) | 2015-11-04 |
WO2017016318A1 (en) | 2017-02-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105024824B (en) | The generation and verification method and system of credible label based on rivest, shamir, adelman | |
JP7385663B2 (en) | Method and system for preparing and performing object authentication | |
TWI819191B (en) | Methods and systems for token-based anchoring of a physical object in a distributed ledger environment | |
JP5139415B2 (en) | Article information acquisition method and apparatus | |
CN106452756A (en) | Construction verification method and device capable of verifying security two-dimensional code offline | |
CN106209877A (en) | A kind of be certification core with block chain backstage false-proof authentication system | |
CN102799990A (en) | Double-two-dimensional product anti-counterfeiting scheme based on PKI (Public Key Infrastructure) | |
CN104281954A (en) | Anti-counterfeiting method for product | |
CN101009014A (en) | Secure anti-counterfeiting method and system thereof | |
CN102855577B (en) | Multiple commodity antifake check method based on cloud computing | |
CN104156862A (en) | Wechat-platform-based two-dimensional code anti-fake and anti-channel conflict inquiry system and method | |
UA120342C2 (en) | Method and apparatus for marking manufactured items using physical characteristic | |
JPH06176036A (en) | Method for forming duplication which can be authenticated | |
CN111919215A (en) | Authentication of packaged products | |
CN111630544A (en) | Method and system for controlling distribution of products in computer network | |
CN103795546A (en) | Generating method and authentication method of data label and system of generating method and authentication method | |
US7505945B2 (en) | Electronic negotiable documents | |
CN102385710A (en) | Method and system for verifying fact or fiction | |
US20180205714A1 (en) | System and Method for Authenticating Electronic Tags | |
JP2015162694A (en) | Article authentication system, authentication server and article authentication method | |
JP2015213288A (en) | Optical code, information transmission method, and authentication method | |
CN102298756A (en) | Method for ensuring security of computer lottery trade information | |
CN104463016A (en) | Data safety storing method suitable for IC cards and two-dimension codes | |
CN102842053B (en) | A kind of false proof figure code label and manufacture method thereof | |
JPH10135943A (en) | Portable information storage medium, verification method and verification system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20180917 Address after: 321100 science and technology talent Park, 85 Zhiyuan Road, Lanxi, Zhejiang Applicant after: Zhejiang code PhD anti-counterfeit technology Co., Ltd. Address before: 226001 Room 303, 30, Hua Di Park, Hao Xi garden, Nantong, Jiangsu. Applicant before: Zhu Guolong Applicant before: Xu Tian |
|
GR01 | Patent grant | ||
GR01 | Patent grant |